iCentrum, Innovation Birmingham Campus,
6 Holt Street,
Birmingham Science Park Aston,
Company number: 9440706
VAT number: 227660111
Phone number: 0121 250 5795
The policy operates with regard to the services offered on the Kaido Wellbeing website (http://www.kaidowellbeing.com/)the Kaido Website (http://www.kaido.org) as well as Kaido Wellbeing Apps and Web Services.
The term 'website' means the website located at www.kaidowellbeing.com.
The purpose of this policy is to tell you what kind of information we may gather about you when you visit the website, how we may use that information, whether we disclose it to anyone and the choices you have regarding our use of, and your ability to correct this information. It is our prior objective to ensure the privacy, integrity and security of all personal data of our users at all times.
Information is collected from you primarily to make it easier for you to use and gain enjoyment from the Kaido services. Kaido only collects such information when you provide it to us. We shall process your personal data only in accordance with the provisions of British Data Protection act 1998 C.29 (http://www.legislation.gov.uk/ukpga/1998/29), and the General Data Protection Regulations (GDPR) (Regulation (EU) 2016/679) as implemented in UK data protection law and European data protection law. Personal data shall mean any information relating to an identified or identifiable natural person. The European Standards of data protection are laid down in the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Users of Kaido Wellbeing either download an app onto their phone or access through the website which connects securely to the Kaido Insights platform using a HTTPS API with TLS encryption (specifically TLS v1.0-1.2 with a 2048 RSA key). The platform is delivered using Amazon Web Services (AWS) which is accredited to a variety of standards including ISO 27018 (a specific code of practice for managing personal data in the Cloud). Access to all data and insights is tightly scoped to a specific users' account preventing one user seeing another's data.
Our principal integration with health devices (apps, wearables and IoT devices) is through Human API, a third-party provider that aggregates and normalises wearable data in a secure manner. Once a user has joined Kaido, they have the option of connecting their devices using Human API, which is done through a simple and secure step by step (wizard) process. If they change their minds, users can revoke access to their device data whenever they choose. Human API push activity data to us via another HTTPS API and we then store this data in our Health Database.
Our Health Database stores all data against a Unique User Identifier away from other personal and identifiable data held by Kaido. By separating this data, we ensure that no identifiable activity data is stored in a single location. All of our health insights are derived from this non-human identifiable data. Considering the scenario of a data leak, a malicious third party would have to obtain copies and access to these multiple datasets in order to assemble identifiable health data.
All of our databases run on AWS's RDS platform which offers best practice security and good availability (regular backups are automatically managed to provide effective business continuity). All internal staff activity is logged and logins to servers involves use of personally identifiable accounts and authentication using strong SSH-based certificates. We regularly review our working practices to ensure we continue to operate at the highest level of security that we can.
Kaido will only use or disclose the personal information you have chosen to provide us with for the purpose for which you provided it. Kaido will not use it for any other purpose without your consent. We may use your personal information to: fulfil your registration, send you an order confirmation, send you requested service information, respond to customer service requests, administer your account, allow you to track your activity week to week, allow you to participate in challenges, see teams progress, send you a newsletter, send you marketing communications, administer contests you entered (and notify you if you won), improve our Website and marketing efforts, and display content based upon your interests.
We may also use or disclose your anonymised information for reporting purposes. For instance, we may use or disclose anonymised information about your participation in the Kaido Wellbeing challenge and aggregate performance information, and summary information about participants. We may also use or disclose your information for research and reporting purposes. For instance, we may use or disclose your information to better understand aggregate sleep patterns and daily active movement for a defined population.
As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, to analyse trends, to administer the site, to track users' movements around the site, and to gather demographic information about our user base.
In addition, access to your personal data and other sensible information is strictly restricted to Kaido Group Ltd employees and contractors, as needed in order to operate, develop or improve the Service, and subject to specific internal procedures and safeguards. These individuals are selected in accordance with our security-policies and -regulations and are bound by confidentiality obligations. They may be subject to disciplinary measures, including possible dismissal and other sanctions, if they fail to meet these obligations.
From time to time, we may request other personal information to provide you with other benefits of the Service. In all such instances, you will be given the option of whether or not to provide that information, and any information you provide will be used only for the purpose stated at the time you provide that information. After that purpose is achieved, the collected personal data will be utterly deleted.
Notwithstanding the foregoing, Kaido reserves the right to share or disclose your personal information when it determines, at its sole discretion, that the disclosure of such information is necessary and appropriate:
Upon request Kaido will provide you with information about whether we hold any of your personal information. If your personal information changes, you may correct, update, amend, ask to have it removed from a public forum, directory or testimonial on our site or deactivate it by making the change on your member settings page, or by emailing our Customer Support at email@example.com or by contacting us by telephone or postal mail at the contact information listed above. If you no longer desire our service, please contact customer service. We will respond to your request within 30 days. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged: 'Kaido Wellbeing Workplace Wellness'. Kaido collects information under the direction of our Clients, and has no direct relationship with the employees whose personal data we process. If you are an employee of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.
Kaido acknowledges that you have the right to access your personal information. Kaido has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Kaido Wellbeing Client. If requested to remove data, we will respond within a reasonable timeframe.
We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. Kaido will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you wish to subscribe to our newsletter and other communications, we will use your name and email address to send those communications to you. Out of respect for your privacy, you may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, or you can contact us at firstname.lastname@example.org.
We may provide you the opportunity to participate in surveys on our site. If you participate, we may request certain personally identifiable information from you. Participation in these surveys or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information and demographic information (such as zip code / post code). We will not share the personally identifiable information you provide through a contest or survey with other third parties unless we give you prior notice and choice.
Technologies such as: cookies, beacons, tags, scripts and other similar technologies are used by us and our service providers, technology partners or other 3rd party assets (such as social media). These technologies are used to help administer the site, identify the total number of users, measure traffic patterns for research purposes, personalise or customise content so that a user's preferences can be "remembered" when they return to the site, and to better manage content.
We do not share any personal information about our customers with these third-party service providers, and these service providers do not collect such information on our behalf.
Our Website offers publicly accessible blogs. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
We display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us.
The profile you create on our site containing personal information, such as your full name, can be made visible to other registered members at your discretion. You may change the privacy settings through your profile page.